FuzzNugget writes "According to Wired, the two CFAA charges that were laid against the man who exploited a software bug on a video poker machine have been officially dismissed. Says Wired: '[U.S. District Judge Miranda] Du had asked prosecutors to defend their use of the federal anti-hacking law by Wednesday, in light of a recent 9th Circuit ruling that reigned in the scope of the CFAA. The dismissal leaves John Kane, 54, and Andre Nestor, 41, facing a single remaining charge of conspiracy to commit wire fraud.' Kane's lawyer agreed, stating, 'The case never should have been filed under the CFAA, it should have been just a straight wire fraud case. And I'm not sure its even a wire fraud. I guess we'll find out when we go to trial.'"
Catch up on stories from the past week (and beyond) at the Slashdot story archive
wiredmikey writes "A new report from the Pentagon marked the most explicit statement yet from the United States that it believes China's cyber espionage is focused on the U.S. government, as well as American corporations. China kept up a steady campaign of hacking in 2012 that included attempts to target U.S. government computer networks, which could provide Beijing a better insight into America's policy deliberations and military capabilities, according to the Pentagon's annual assessment of China's military. 'China is using its computer network exploitation capability to support intelligence collection against the U.S. diplomatic, economic, and defense industrial base sectors that support U.S. national defense programs,' said the report to Congress (PDF). The digital espionage was part of a broader industrial espionage effort that seeks to secure military-related U.S. and Western technology, allowing Beijing to scale back its reliance on foreign arms manufacturers, the report said. One day later, Beijing dismissed the Pentagon's report that accused it of widespread cyberspying on the U.S. government, rejecting it as an 'irresponsible' attempt to drum up fear of China as a military threat."
SternisheFan writes with an excerpt from Ars Technica: "Attacks exploiting a previously unknown and currently unpatched vulnerability in Microsoft's Internet Explorer browser have spread to at least nine other websites, including those run by a big European company operating in the aerospace, defense, and security industries as well as non-profit groups and institutes, security researchers said. The revelation, from a blog post published Sunday by security firm AlienVault, means an attack campaign that surreptitiously installed malware on the computers of federal government workers involved in nuclear weapons research was broader and more ambitious than previously thought. Earlier reports identified only a website belonging to the US Department of Labor as redirecting to servers that exploited the zero-day remote-code vulnerability in IE version 8. ... 'The specific Department of Labor website that was compromised provides information on a compensation program for energy workers who were exposed to uranium,' CrowdStrike said. 'Likely targets of interest for this site include energy-related US government entities, energy companies, and possibly companies in the extractive sector. Based on the other compromised sites other targeted entities are likely to include those interested in labor, international health and political issues, as well as entities in the defense sector.'"
SternisheFan tipped us to news that the infamous copyright trolls Prenda Law are in a bit of trouble with the law. Today, U.S. District Court judge Otis Wright issued sanctions against Prenda. He recommends that the lawyers involved be disbarred and fined, granted court and lawyer fees to the defendants (doubled for punishment), and has referred them for criminal prosecution. Among the findings of fact are that they set up dozens of shell companies to disguise the true owners, actually committed identity theft, dodged taxes on settlement money, lied to the court, and abused the court by setting settlements on flimsy charges just below the cost of a defense.
On Friday, we mentioned that Defense Distributed had created a (near-enough-to) fully 3-D printed pistol. Sparrowvsrevolution now writes that "Last week, the Liberator was fired for the first time at a firing range and successfully shot a .380 caliber bullet using a remote firing setup. Over the weekend, Defense Distributed's founder, the anarchist and radical libertarian Cody Wilson, was bold enough to try firing it by hand. The results of that test, witnessed by a reporter, indicate that the era of the 3D-printed firearm may be upon us, for better or for worse." Predictably, certain politicians are — so to speak — up in arms about it.
An anonymous reader writes "A Methusen, Mass. high schooler, who goes by the rapper name 'Cammy Dee' has been arrested after posting lyrics that police felt were 'communicating terrorist threats.' This wouldn't be the first time rap lyrics were investigated, but if formally charged for 'communicating terrorist threats' this would a set a chilling low bar for terrorist investigations."
New submitter davesays writes "CNN anchors Erin Burnett and Carol Costello have interviewed Former FBI Counterterrorisim specialist Tim Clemente. In the interviews he asserts that all digital communications are recorded and stored. Clemente: 'No, welcome to America. All of that stuff is being captured as we speak whether we know it or like it or not.' 'All of that stuff' — meaning every telephone conversation Americans have with one another on U.S. soil, with or without a search warrant — 'is being captured as we speak.' 'No digital communication is secure,' by which he means not that any communication is susceptible to government interception as it happens (although that is true), but far beyond that: all digital communications — meaning telephone calls, emails, online chats and the like — are automatically recorded and stored and accessible to the government after the fact. To describe that is to define what a ubiquitous, limitless Surveillance State is."
dryriver writes "Dear Slashdotters, We are a two man crew who have spent almost three years developing a video processing algorithm that 'upgrades' the visual quality of digital video footage. We take video footage that is "of average quality" — think an amateur shooting on a cheap digital camcorder or on a smartphone camera — and use various mathematical tricks we have developed to make the footage look better — optically sharper, better lit, more vivid colours, improved contrast, enhanced sense of three-dimensionality and of 'being-there realism.' In about a month, we will be presenting our algorithm to some venture capitalists. We have the obligatory before-and-after video demos prepared for this, of course. But there will also be a short PowerPoint presentation where we explain our tech in some detail. Now here is our main question: What, in your opinion, should we — or indeed should we NOT — put in the PowerPoint presentation to impress a Venture Capitalist? Should we talk about how we developed the algorithm at all — what kind of R&D and testing was involved? Should we try to walk the VCs through how our algorithm works under the hood — simplified a bit for a 'non-engineer' audience of course? Or should we stick to talking about market potential, marketing strategy & money-related stuff only? If you were in our shoes — presenting a digital video-quality improvement technology to professional VCs — what would and would you not put in your PowerPoint? Any advice on this from Slashdotters with some experience would be most welcome!"
theodp writes "E-mails and other communications between employees,' explains Google in a newly-published patent application for its Policy Violation Checker invention, 'can implicate potential violations of company policy or local, state or federal law that can go unchecked by attorneys or other legal personnel.' So how can you avoid those embarrassing Goldman Sachs and Enron e-mail gaffes? Use Google's 'methods and systems for identifying problematic phrases in an electronic document'! From the patent application: 'Documents may be used as evidence in court, administrative, or other proceedings. It is in a company's best interest to minimize or eliminate policy violations and/or situations that could give rise to legal liability. It is also often in a company's best interest to be able to Pack [?] these situations. Problematic phrases include, but are not limited to, phrases that present policy violations, have legal implications, or are otherwise troublesome to a company, business, or individual.' So, if you can't Do-No-Evil, at least you can Do-No-Discoverable-Evil!"
Why does a car rated for 47mpg fall so far short? The Houston Chronicle features an article on just why EPA gas estimates can be so different from real-world drivers' experience at the pump (or in looking at the dashboard display), in particular for hybrid cars. From the article: "A geometric average of the FTP-75 and HFET results (with city driving weighted at 55 percent and highway driving weighted at 45 percent) produces a vehicle's CAFE fuel economy, which is then incorporated into a manufacturer's corporate average. CAFE is measured using these tests to the present day. In fact, this methodology will be 50 years old when it's used to gauge compliance with the forthcoming 54.5-mpg CAFE requirements in 2025. That kind of continuity is admirable in baseball, but not in transportation. These tests are irrelevant to contemporary real-world driving. For example, the maximum acceleration on either test is 3.3 mph per second. At that rate, it takes more than 18 seconds to hit 60 mph. Even in the horsepower-deprived 1970s, most people were driving harder than that. And the 60-mph maximum speed on the highway test does not accord with the 75-mph truth of today's interstate traffic."
freddienumber13 writes "The CCTV cameras operated by the local government in the country town of Nowra, NSW (Australia) have been turned off following an order by the Administrative Decisions Tribunal. The local government is crying because it believes that it is losing an effective method in combating crime in public. Locals however are rejoicing that they are no longer being recorded whilst walking down the street."
Techdirt explains the strange story of a lawsuit-happy bus company in Illinois which managed to tick off a cadre of determined redditors by calling them uncomplimentary names in the reddit forums. This all started when a bus passenger, Jeremy Leval, reported unsavory behavior by a company employee (telling an exchange student "If you don't understand English, you don't belong at the University of Illinois or any 'American' University.") and said so online. Besides the name calling on reddit, the bus company threatened the forum moderator with libel charges, and over insults posted by the bus company employees which the moderator had deleted. Further, company owner "[Dennis] Toeppen threatened to sue Leval, saying, 'The attorneys for Suburban Express are reviewing this incident with a view towards filing the appropriate legal action against this meddlesome MBA student.'" Attorney Ken White of Popehat got involved, though, and asked with good effect whether the company had fully considered the Streisand Effect. The strangest part? Toeppen's former involvement as a domain squatter.
puddingebola writes with a New York Times article about how mundane PC equipment — not just more esoteric and eyebrow-raising network monitoring equipment from Blue Coat — makes its way to Syria: "Large amounts of computer equipment from Dell have been sold to the Syrian government through a Dubai-based distributor despite strict trade sanctions intended to ban the selling of technology to the regime, according to documents obtained by The New York Times. The disclosure of the computer sales is the latest example of how the Syrian government has managed to acquire technology, some of which is used to censor Internet activity and track opponents of the Syrian president, Bashar al-Assad."
Jeremiah Cornelius writes "Bruce Schneier, security expert (and rational voice in the wilderness), explains in an editorial on CNN why 'Connecting the Dots' is a 'Hindsight Bias.' In heeding calls to increase the amount of surveillance data gathered and shared, agencies like the FBI have impaired their ability to discover actual threats, while guaranteeing erosion of personal and civil freedom. 'Piling more data onto the mix makes it harder, not easier. The best way to think of it is a needle-in-a-haystack problem; the last thing you want to do is increase the amount of hay you have to search through. The television show Person of Interest is fiction, not fact.'"
hypnosec writes "U.S. officials have told the Indian Government that they will not be able to serve summons to the executives of companies like Google and Facebook because they are not convinced that the content hosted on these sites can cause violence and that these summons impact 'free speech principles.' The reply comes as a response to India's request to the US to help serve papers to 11 Internet companies accused of hosting content on their sites that was meant to fuel communal hatred and violence. The U.S. authorities said that there are limitations when it comes to protection on free speech — when the speech comprises a true threat or provokes imminent violence — but in this particular case there is not sufficient evidence of either of these."
A year ago today, we noted that Sen. Rand Paul of Kentucky called for the abolition of the Transportation Security Administration. It's now nearly 12 years since the hijacked-plane terror attacks of 2001; the TSA was created barely two months later, and has been (with various rules, procedures, and equipment, all of it controversial for reasons of privacy, safety, and efficacy) a major presence ever since at American commercial airports. "The American people shouldn't be subjected to harassment, groping, and other public humiliation simply to board an airplane," wrote Paul last year, and in June of 2012, he followed up by introducing two bills on the topic; the first calling for a "bill of rights" for air travelers, the other for privatizing airport screening practices. Neither bill went far. Should they have? Libertarian-leaning Paul did not succeed in knocking back the TSA, never mind privatizing its functions (currently funded at nearly $8 billion annually), though some of the things called for in his bill of rights are manifest now at least in muted form. (Very young passengers, as well as elderly passengers, face less stringent security requirements, for instance, and TSA has ended its prohibition of certain items aboard planes.) Whether you're from the U.S. or not, what practical changes would you like to see implemented? What shouldn't be on the bill of rights for airplane passengers?
First time accepted submitter carlypage3 writes "Benefits claimants in the UK are being forced to use Microsoft's now obsolete Windows XP and Internet Explorer 6 software. The Department of Work and Pensions (DWP) states that its online forms are not compatible with Internet Explorer 7, 8, 9 and 10, Safari, Google Chrome or Firefox. As if that wasn't unnerving enough, the Gov.UK website says that users cannot submit claims using Mac OS X or Linux operating systems, either." (Note: as we noted not long ago, it's not just the DWP that's stuck using IE6.)
nk497 writes "Dutch police are set to get the power to hack people's computers or install spyware as part of investigations — but antivirus experts say they won't help police reach their targets. Mikko Hypponen, chief research officer at F-Secure, said the Dutch bill could lead to antivirus firms being asked asked to cooperate with authorities to let an attack reach the target. So far, Hypponen hasn't seen a single antivirus vendor cooperate with such a request, and said his own firm wouldn't want to take part. Purely for business reasons, it doesn't make sense to fail to protect customers and let malware through 'regardless of the source.'"
hypnosec writes "Google has indirectly walked right into one of the Middle East's most obstinate conflicts by labeling Palestine as an independent nation — wiping off the term 'Palestinian Territories' and replacing it with 'Palestine' in its localized search page. Google's move is more or less in line with the UN's October decision to name Palestine as a non-member observer state. The status given to Palestine will allow the state to join UN debates as well as global bodies such as the International Criminal Court, in theory at least. Up until May 1, anyone visiting http://www.google.ps were shown the phrase Palestinian Territories. This change is definitely not a huge one but, it has attracted criticism from politicians in Israel."
rjupstate writes "The Pentagon is quickly moving to approve the latest devices and platforms from BlackBerry, Samsung, and Apple. That's good news for two of those companies. It's not-so-good news for BlackBerry. 'The Pentagon currently has about 600,000 smartphone users – almost all using BlackBerrys – but ultimately aims to have as many as 8m smartphones and tablets, under the terms of a scheme made public last November.' 'In its effort to expand into the high security government niche, one that BlackBerry has enjoyed near singular control of for years, Samsung recently created a government advisory board made up of Samsung executives and security experts from various U.S. and foreign government security agencies. ... In the end, the program will likely elevate that status of both Apple and Samsung within military and civilian government agencies in the U.S. and other western countries.'"